As a security best practice, allow users only the system privileges that they need to do their jobs on VMware appliance host machines.

About this task

Permitting user accounts with privileges to manipulate network interfaces can result in bypassing network security mechanisms or denial of service. Restrict the ability to change network interface settings to privileged users.

Procedure

  1. Run the following command on each VMware appliance host machine.

    # grep -i '^USERCONTROL=' /etc/sysconfig/network/ifcfg*

  2. Make sure that each interface is set to NO.